-----Original Message-----
From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Timothy Murphy
Sent: Monday, July 05, 2010 10:11 PM
To: centos@centos.org
Subject: Re: [CentOS] DNS or firewall problem

Thomas Dukes wrote:
Do you have IPv4 forwarding on in your /etc/sysctl?
Uhhh, in /etc/sysctl.conf,
net.ipv4.conf.ip_forward = 0 ??
change to = 1 ??
I have more or less the same setup as you, and I have net.ipv4.conf.ip_forward = 0 in /etc/sysctl like you, but I have no problem accessing my server from my laptop.
I am running shorewall, and it would be easy to set this up to have the effect you describe.
I have the line
    loc $FW ACCEPT
in /etc/shorewall/policy. The default is
    loc $FW REJECT info
which would have the effect you describe.
NB: I don't really understand iptables, but I find shorewall does most of the thinking for me.
I use the iptables firewall rules in the Linux IP Masquerade HOWTO. Been using it for years without a hitch.
http://www.tldp.org/HOWTO/html_single/IP-Masquerade-HOWTO/#RC.FIREWALL-IPTABLES-STRONGER
I looked at shorewall some time ago but like you, I was confused with iptables.